Directory traversal vulnerable example

SUBMITTED BY: Guest

DATE: May 30, 2013, 3:54 a.m.

FORMAT: PHP

SIZE: 307 Bytes

Raw Download

HITS: 283051

Report
  1. <?
  2. $id = $_GET['archivo'];
  4. $enlace = "admin/imagenes_galeria/".$id;
  5. $rest = substr($id, -3);
  6. header ("Content-Disposition: attachment; filename=".$id);
  7. header ("Content-Type: image/$rest");
  8. header ("Content-Length: ".filesize($enlace));
  9. readfile($enlace);
  11. ?>
comments powered by Disqus